HP CIFS Server 3.0f Administrator's Guide verison A.02.03

4. Use the following procedures to configure the HP CIFS Server:
For new installations, you can run /opt/samba/bin/samba_setup and choose ADS Member
Server.
For new installations, finishsamba_setup commands and verify the following
smb.confconfiguration items. samba_setup will then perform the "net ads join -U
Administrator%password" command to join the ADS domain for you.
[global]
workgroup = MYREALM # Domain Name
realm = MYREALM.XYZ.COM
security = ADS
domain master = no
encrypt passwords = yes
netbios name = MYSERVER
password server = adsdc.myrealm.xyz.com
For existing installations, modify smb.conf configuration items as follows:
[global]
workgroup = MYREALM # Domain Name
realm = MYREALM.XYZ.COM
security = ADS
domain master = no
encrypt passwords = yes
netbios name = MYSERVER
password server = adsdc.myrealm.xyz.com
Then join the ADS domain by manually executing the "net ads join -U
Administrator%password" command.
5. Use the following command to start your HP CIFS Server:
/opt/samba/bin/startsmb
6. Run the following command to verify Kerberos authentication. In the following command, the -k option
is required to force the use of Kerberos security:
smbclient -W <Window Domain> -U <user name in domain>
-k //<HP CIFS Server name>/<share> <password for user>
You can connect to the share on the HP CIFS Server if you succeed to run the smbclient command.
Trust Relationships
Trust relationships enable pass-through authentication to users of one domain in another. A trusting domain
permits logon authentication to users of a trusted domain. There are various forms of trusts, depending on
the domain type and Windows 2000/2003 Domain trusts differ from NT Domain trusts. For more information
on trusts, consult the MS TechNet papers at http://technet.microsoft.com. For information on HP CIFS Server
trust relationships with NT Domains, see Chapter 4 “NT Style Domains”.
Windows 2000/2003 Domain trusts can take many forms. HP CIFS Server can support some but not all
Windows 2000/2003 trusts as described below:
HP CIFS PDCs can support external trusts which include trust relationships established between CIFS
Samba Domains and Windows 2000/2003, including incoming, outgoing, and two-way trusts.
HP CIFS Member Servers do not support all Windows 2000/2003 Domain intra/inter-forest trusts.
Most parent-child and child-child trusts are recognized appropriately and shortcut trusts are supported.
74 Windows 2000/2003 Domains